MedStar Health forced to turn patients away after virus attack

Despite saying that it responded quickly to the malware that locked users out of IT systems, the health network had to deny some patients access while it continues recovering from the malicious code.
By Jack McCarthy
07:38 AM

MedStar Health was forced to turn some patients away on Tuesday as it recovered from a computer virus.

The healthcare provider said Tuesday that it was making progress toward restoring functionality of its computers, which were taken down after being hit by malware early Monday morning. MedStar then took those IT systems offline to avoid further corrupting its network infrastructure.

“With a few unique exceptions, all of our doors remain open,” MedStar explained in a statement, while several reports said patients were denies access to the hospital and sent elsewhere. “The safety of patients and associates and the privacy of their information is our utmost concern.”

Officials said they have not encountered evidence that patient data has been either stolen or compromised and that MedStar employees will refrain from adding any new data to systems without first determining that those computers are clean.

The attack, currently under investigation by the FBI, forced MedStar’s 10 hospitals and more than 250 outpatient centers to shut down their computers and email on Monday.

The provider said staffers were working Tuesday to restore the majority of IT machines. They are using backup systems, including paper documentation, where necessary, and as an additional layer of support to clinical operations.

Several reports described the attack as ransomware, malicious code deployed to hold systems hostage until victims pay for a key to regain access. While neither the FBI nor MedStar have confirmed that the code is in fact ransomware, that style of attack has spiked in recent weeks with instances at Chino Valley Medical Center and its sister site Desert Valley Medical Center in California, Methodist Hospital in Kentucky and, prior to those, Hollywood Presbyterian was forced to pay cybercriminals $17,000 in Bitcoin in mid-February.  

Twitter: @HealthITNews


Like Healthcare IT News on Facebook and LinkedIn